For the first time in cybercrime’s history, more attacks have been waged against mobile devices than have been hurled at desktops.
This seminal shift in attack strategy was recorded by researchers at LexisNexis Risk Solutions during the creation of their latest cybercrime report, “Fraud Without Borders.”
The report is based on the analysis of 19 billion transactions that took place on LexisNexis’ Digital Identity Network between July and December last year. Among those transactions, researchers identified 401 million attacks, 264 million of which targeted mobile devices, while 137 million struck at desktops.
Although criminals showed a marked preference for mobile in terms of the volume of attacks, the attack rates targeting transactions were virtually identical. While researchers noted a 56% rise in the mobile attack rate year on year and a 23% decline in the desktop attack rate, the rate of attacks targeting transactions was 2.7% and 2.5% for desktops and mobile devices, respectively.
Commenting on the online crime world’s historic change of tack, researchers wrote: “Although this is heavily influenced by a key global bot attack, it nevertheless shows a shift in focus of global cybercrime towards targeting the mobile channel.
“These bots are vast, automated and come from multiple global geographies and were particularly targeting new account creation transactions during the second half of 2019.”
When comparing different types of attacks on mobile devices, researchers found that mobile browser transactions were attacked at a higher rate than mobile app transactions. However, attacks on mobile apps were observed to have grown at a rate of 171% year on year.
In terms of the financial impact of cybercrime, researchers deduced from the data that during a one-month period alone, $40m was at risk from cross-organizational fraud exposure.
The report portrays cybercrime as borderless, innovative, and highly sophisticated, with researchers noting that criminal networks now mirror legitimate enterprises in their organizational structure.
Criminal “finance departments” deal with the laundering of money, while “procurement” enlists money mules and “engineering” develops cutting-edge attacks to bypass the latest advances in cyber defenses.
“Analysis in this report shows that cybercrime is operating on a global scale in vast, interconnected networks that are unrestricted by regional, country or industry borders,” wrote researchers. “It’s clear that cybercrime is a highly networked, complex and ever-evolving beast.”
By Sarah Coble